[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Comments on draft-ietf-ipsec-ike-01.txt (long)

To: Dan Harkins <dharkins@network-alchemy.com>
Subject: Re: Comments on draft-ietf-ipsec-ike-01.txt (long)
From: "Derrell D. Piper" <ddp@network-alchemy.com>
Date: Thu, 03 Jun 1999 09:38:54 -0700
cc: Paul Koning <pkoning@xedia.com>, ipsec@lists.tislabs.com
In-reply-to: Your message of "Wed, 02 Jun 1999 14:09:07 PDT." <199906022109.OAA26844@potassium.network-alchemy.com>
Sender: owner-ipsec@lists.tislabs.com

>   So let me ask the entire working group: should vendors be prohibited from
> accepting a key length greater than what they have configured? Should they
> be prohibited from accepting a stronger group? 

Absolutely not and I'd go so far as to make it a SHOULD instead of a MAY.

We're trying to design good security, not workarounds for bad implementations.

Derrell

Follow-Ups:

Re: Comments on draft-ietf-ipsec-ike-01.txt (long)

From: Paul Koning <pkoning@xedia.com>

Re: Comments on draft-ietf-ipsec-ike-01.txt (long)

From: Joe Tardo <jtardo@freegate.com>

References:

Re: Comments on draft-ietf-ipsec-ike-01.txt (long)

From: Dan Harkins <dharkins@network-alchemy.com>

Prev by Date: RE: Comments on draft-ietf-ipsec-ike-01.txt (long)
Next by Date: Re: Comments on draft-ietf-ipsec-ike-01.txt (long)
Prev by thread: Re: Comments on draft-ietf-ipsec-ike-01.txt (long)
Next by thread: Re: Comments on draft-ietf-ipsec-ike-01.txt (long)
Index(es):
- Main
- Thread